Jump to content
Not connected, Your IP: 18.206.14.135
Valerian

The NSA sure breaks a lot of "unbreakable" crypto. This is probably how they do it.

Recommended Posts

Article from BoingBoing:

 

'For instance, the Snowden documents show that NSA’s VPN decryption infrastructure involves intercepting encrypted connections and passing certain data to supercomputers, which return the key. The design of the system goes to great lengths to collect particular data that would be necessary for an attack on Diffie-Hellman but not for alternative explanations, like a break in AES or other symmetric crypto.

 

'While the documents make it clear that NSA uses other attack techniques, like software and hardware “implants,” to break crypto on specific targets, these don’t explain the ability to passively eavesdrop on VPN traffic at a large scale.'

 

 

http://boingboing.net/2015/10/15/the-nsa-sure-breaks-a-lot-of.html

Share this post


Link to post

Nissemus,

 

Thanks for posting this.  I just signed on with the intention of posting the same information from today's  "Guardian":

 

http://www.theguardian.com/technology/2015/oct/15/nsa-crack-encryption-software-reusing-passwords

 

 

I assume that if this is hitting the mainstream press, then a lot of tech savvy people  here have known about it for a while and can probably offer their insights.

 

I hope this topic stimulates more comments/discussion.  I, for one, would like to know how this relates to the encryption used by AirVPN.

Share this post


Link to post

Hello!

 

We remind you that we use 4096 bit keys for DH and unique primes on each VPN server.

 

Kind regards

I love how AirVPN has every potential issue solved before it's even a problem.

Share this post


Link to post

I figured when I posted the link to the arstechnica article that we would hear from the AirVPN guys that they already had it covered, lol.

Share this post


Link to post

Hello!

 

We remind you that we use 4096 bit keys for DH and unique primes on each VPN server.

 

Kind regards

 

 

Just curious as to HOW you generate "unique primes" and how often if at all they are rotated?

Share this post


Link to post

 

Hello!

 

We remind you that we use 4096 bit keys for DH and unique primes on each VPN server.

 

Kind regards

 

 

Just curious as to HOW you generate "unique primes" and how often if at all they are rotated?

This ^

 

I would also give anything for key regeneration/cycle every X weeks or something

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...